# generate an integer based on the first character (its ASCII value, minus 64, x 3)

my$grade=3*(ord(substr($str,0,1))-64);

#

# increment if it's a "minus" grade

#

$grade++if('-'eqsubstr($str,1,1));

#

# decrement if it's a "plus" grade

#

$grade--if('+'eqsubstr($str,1,1));

my$msg=sprintf('TLS configuration grade is "%s"',$str);

# 4 is "A-":

if($grade>4){

fail($msg);

}else{

pass($msg);

}

}

# Implementation Guide - RDAP Protocol - 1.4: An RDAP client SHOULD be able to successfully validate the TLS certificate used for the RDAP service with a ​TLSA​ record from the DNS (​RFC6698​ and RFC7671​) published by the RDAP service provider. The certificate(s) for the RDAP service associated by DNS-Based Authentication of Named Entities (DANE) SHOULD satisfy the requirements of section 1.5.

warning('Entity (registrar) record validation is not currently available');

note('Entity (registrar) record validation is not currently available');

}

sub check_nameserver_conformance{

...

...

@@ -383,13 +436,18 @@ sub check_nameserver_conformance {

# Implementation Guide - Nameserver Queries - 4.2: The ​unicodeName​ member MAY be present in the response to a ​nameserver lookup.

# Implementation Guide - Nameserver Queries - 4.3: ​In the case of a Registry in which name servers are specified as domain attributes, the existence of a name server used as an attribute for an allocated domain name MUST be treated as equivalent to the existence of a host object.